Using XenDesktop 5 with VMware

Last year I blogged about using VMware with XenDesktop. That article was focused on XenDesktop 4 and VMware integration. With the recent release of XenDesktop 5, it’s time for an updated article. In this blog post I am going to go over using XenDesktop 5 with VMware.

vCenter HTTPS Access

1. If it doesn’t already exist, create a DNS entry for your vCenter server. Another option would be to create a host file entry on your XenDesktop Delivery Controllers and Provisioning Servers for your Virtual Center/vCenter server.

2. Using your browser connect to the FQDN of the vCenter server. You should get a warning about the website’s security certificate. Click continue to this website (not recommended).

3. Click the Certificate Error in the Security Status bar and select View certificates. Once you can see the vCenter certificate, Click Install Certificate.

4. When the Certificate Import Wizard comes up, select Place all certificates in the following store and click Browse.

5. When Select Certificate Store comes up, select Show physical stores then expand Trusted People and then select Local Computer and click Ok.

8. Close the browser and reopen it. You should be able to browse to your vCenter server without getting any certificate errors.

vCenter role for XenDesktop

When setting up the XenDesktop role in vCenter, the permissions listed in the Citrix eDocs are from the SDK programming guide and some permissions are not what is actually shown in the add a new role dialog box. Differences in permissions are noted below in bold.

Create a role in vCenter with the following permissions:

Datastore Permissions

Allocate space

Browse datastore

File management is listed in Citrix eDocs but it is Low level file operations in vCenter

Network Permissions

Assign network

Resource Permissions

Assign virtual machine to resource pool

System Permissions – These permissions are automatically added when you create a role in vCenter.

Anonymous

Read

View

Task Permissions

Create Task

Virtual Machine/Configuration Permissions

Add existing disk

Add new disk

Change CPU count

Configure Resource is listed in the Citrix eDocs but it is Change resource in vCenter

Memory

Remove disk

Virtual Machine/Interaction

Power Off

Power On

Reset

Suspend

Virtual Machine/Inventory

Create is listed in the Citrix eDocs but it is Create New in vCenter

Create from existing

Delete is listed the Citrix eDocs but is Remove in vCenter

Register

Virtual Machine/Provisioning

Clone is listed in the Citrix eDocs but it is Clone virtual machine in vCenter

Disk Random Access is listed in the Citrix eDocs but it is Allow disk access in vCenter

Get VM Files is listed in the Citrix eDocs but it is Allow virtual machine download in vCenter

Put VM Files is listed in the Citrix eDocs but it is Allow virtual machine files upload in vCenter

Virtual Machine/State

Create snapshot

Revert to snapshot

If you want XenDesktop to tag the virtual machines, you must also add the following permissions:

Global

Manage Custom Fields is in the Citrix eDocs but it is Manager custom attributes in vCenter

Set Custom Field is in the Citrix eDocs but it is Set custom attribute in vCenter

To use XenDesktop Setup Tool with Provisioning Services, you will have to add the following permissions in addition to what is listed above:

Virtual Machine/Provisioning

Clone Template

Deploy Template

Now that we have the XenDesktop role created, assign a domain account to the role. For this article the example domain account is Citirx_services.

One question I am always asked when using XenDesktop with VMware by customers is how to limit virtual machine creation to a certain cluster or servers within vCenter. Follow the steps below to control where virtual machines are deployed within your VMware infrastructure.

Assign the XenDesktop role at the Datacenter level but do not propagate by unselecting Propagate when adding the role.

Assign the XenDesktop role at the Cluster level but do not propagate by unselecting Propagate when adding the role. If you want to control virtual machine creation at the Cluster level then leave Propagate selected. Assign the XenDesktop role to Servers within a Cluster if you want to limit virtual machine creation to certain Servers within a Cluster.

Assign the XenDesktop role to the Networks you want the virtual machines to have access to.

Assign the XenDesktop role the to Datastores you want virtual machines to be created in.

If you are also using folders within vCenter in the VMs and Templates view make sure to also assign the XenDesktop role to the folders you want virtual machines created in.

You should now be able to control where the virtual machines are placed when they are created. See the screenshot below for an example of controlling where virtual machines get created.

In the example above, virtual machines will only be created within the CitrixDesktops folder on a single server within the VDILab cluster in a single Datacenter in vCenter. The virtual machines will only use the VDI Network and will only be created on the LeftHand_Lab Datastore.

When you create virtual machines using Machine Creation Services or XenDesktop Setup Tool with Provisioning Services, configure the following on the Host screen:

I figured this one or rather found out it’s a no go. It would work with XenServer but not VMware. When XD5 uses Vmware you need kill the catalog and recreate it, this means all machine creation process and longer maintenance window which sucks

any idea how an existing catalog can be migrated to different datastore within the same VM cluster?
I just noticed that in Create Catalog wizard I’m not prompted for Storage selection although I have 3 datastores. I also created another host which is the same cluster but different datastore but Catalog wizard doesn’t prompt to select host either. It’s XD5 MCS on vSphere 4.1